Re: [JBoss-user] A security question

Wed, 05 Jun 2002 01:59:24 -0700 

Hello jfina,

Wednesday, June 05, 2002, 11:47:56 AM, you wrote:

j> hi!

j> I'm trying to configure client login and have some issues to clear out (jboss3.0 
latest).

j> 1: My entitybean role is configured using xdoclet and the tag: 
@ejb:security-role-ref role-name="administrator"
j> role-link="administrator".

j> 2: I guessed that the role administrator must exist in the roles.properties file. 
so this file is like:
j>         jon.Roles=administrator
j>         jon.CallerPrincipal=caller_jon

j> 3: I've defined users in users.properties like:
j>         jon=mypwd

j> 4: So, with my testclient i create the logincontext: LoginContext("other", handler) 
with jon and mypwd in handler using the "other"
j> module in login-conf.xml

j> 5: I get this error:
j>          +++ Running ClientTest with username=jon, password=[C@45a877
j>          java.lang.SecurityException: Unable to locate a login configuration

j> First question : What am i missing?

Do you have jaas config file on the client side? For example let's
call it jaas.config:
/** Login Configuration for JAAS **/
TestClient {
    org.jboss.security.ClientLoginModule required unauthenticatedIdentity=nobody;
};

Then you have to add this option to command line running the client:
-Djava.security.auth.login.config=path\to\the\jaas_config_file\jaas.config


j> Second question: Are all the roles defined in the roles.properties and edited there?

I guess so.


j> Third question : In login-conf.xml the following is defined:
j>     <application-policy name = "MySqlDbRealm">
j>        <authentication>
j>           <login-module code = 
"org.jboss.resource.security.ConfiguredIdentityLoginModule"
j>              flag = "required">
j>              <module-option name = "principal">administrator</module-option>
j>              <module-option name = "userName">root</module-option>
j>              <module-option name = "password"></module-option>
j>              <module-option name = 
"managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=MySqlDS module-option>
j>           </login-module>
j>        </authentication>
j>     </application-policy>
j> What is the principal module-option good for?

I'd like to know too :)

alex



_______________________________________________________________

Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm

_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

Reply via email to